ALT-BU-2023-2205-1
Branch sisyphus update bulletin.
Package kernel-image-un-def updated to version 6.0.19-alt1 for branch sisyphus in task 313319.
Closed vulnerabilities
BDU:2023-00164
Уязвимость функции ksmbd_decode_ntlmssp_auth_blob модуля ksmbd ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2023-01200
Уязвимость реализации протокола Upper Level Protocol (ULP) ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии, выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2023-0210
A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=797805d81baa814f76cf7bdab35f86408a79d707
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=797805d81baa814f76cf7bdab35f86408a79d707
- https://github.com/cifsd-team/ksmbd/commit/8824b7af409f51f1316e92e9887c2fd48c0b26d6
- https://github.com/cifsd-team/ksmbd/commit/8824b7af409f51f1316e92e9887c2fd48c0b26d6
- https://security.netapp.com/advisory/ntap-20230517-0002/
- https://security.netapp.com/advisory/ntap-20230517-0002/
- https://securityonline.info/cve-2023-0210-flaw-in-linux-kernel-allows-unauthenticated-remote-dos-attacks/
- https://securityonline.info/cve-2023-0210-flaw-in-linux-kernel-allows-unauthenticated-remote-dos-attacks/
- https://www.openwall.com/lists/oss-security/2023/01/04/1
- https://www.openwall.com/lists/oss-security/2023/01/04/1
- https://www.openwall.com/lists/oss-security/2023/01/11/1
- https://www.openwall.com/lists/oss-security/2023/01/11/1
Modified: 2024-11-21
CVE-2023-0461
There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable. The setsockopt TCP_ULP operation does not require any privilege. We recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2c02d41d71f90a5168391b6a5f2954112ba2307c
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2c02d41d71f90a5168391b6a5f2954112ba2307c
- https://kernel.dance/#2c02d41d71f90a5168391b6a5f2954112ba2307c
- https://kernel.dance/#2c02d41d71f90a5168391b6a5f2954112ba2307c
- https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
- https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
- https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html
- https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html
- https://security.netapp.com/advisory/ntap-20230331-0006/
Closed bugs
Включить TXGBE
Closed vulnerabilities
Modified: 2024-11-21
CVE-2023-23589
The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002.
- https://gitlab.torproject.org/tpo/core/tor/-/commit/a282145b3634547ab84ccd959d0537c021ff7ffc
- https://gitlab.torproject.org/tpo/core/tor/-/commit/a282145b3634547ab84ccd959d0537c021ff7ffc
- https://gitlab.torproject.org/tpo/core/tor/-/issues/40730
- https://gitlab.torproject.org/tpo/core/tor/-/issues/40730
- https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.7/ReleaseNotes
- https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.7/ReleaseNotes
- [debian-lts-announce] 20230128 [SECURITY] [DLA 3286-1] tor security update
- [debian-lts-announce] 20230128 [SECURITY] [DLA 3286-1] tor security update
- FEDORA-2023-1254a1fc28
- FEDORA-2023-1254a1fc28
- FEDORA-2023-c290171664
- FEDORA-2023-c290171664
- GLSA-202305-11
- GLSA-202305-11
- DSA-5320
- DSA-5320
Package kernel-image-std-debug updated to version 5.15.87-alt1 for branch sisyphus in task 313348.
Closed bugs
Проблемы с запуском на asus c201p
Package kernel-image-std-def updated to version 5.15.87-alt1 for branch sisyphus in task 313347.
Closed vulnerabilities
BDU:2022-07336
Уязвимость функции __do_proc_dointvec ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии
BDU:2023-00164
Уязвимость функции ksmbd_decode_ntlmssp_auth_blob модуля ksmbd ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2023-01122
Уязвимость функции run_unpack() компонента fs/ntfs3/run.c ядра операционных систем Linux, позволяющая нарушителю вызвать оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
BDU:2023-01746
Уязвимость функции ntfs_read_mft() в модуле fs/ntfs3/inode.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2022-4378
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
- http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html
- http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html
- https://bugzilla.redhat.com/show_bug.cgi?id=2152548
- https://bugzilla.redhat.com/show_bug.cgi?id=2152548
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-6.0/proc-avoid-integer-type-confusion-in-get_proc_long.patch
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-6.0/proc-avoid-integer-type-confusion-in-get_proc_long.patch
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-6.0/proc-proc_skip_spaces-shouldn-t-think-it-is-working-on-c-strings.patch
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-6.0/proc-proc_skip_spaces-shouldn-t-think-it-is-working-on-c-strings.patch
- https://seclists.org/oss-sec/2022/q4/178
- https://seclists.org/oss-sec/2022/q4/178
Modified: 2025-02-27
CVE-2022-48424
In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur.
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.3
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.3
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4f1dc7d9756e66f3f876839ea174df2e656b7f79
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4f1dc7d9756e66f3f876839ea174df2e656b7f79
- https://security.netapp.com/advisory/ntap-20230505-0002/
- https://security.netapp.com/advisory/ntap-20230505-0002/
Modified: 2024-11-21
CVE-2023-0210
A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems.
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=797805d81baa814f76cf7bdab35f86408a79d707
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=797805d81baa814f76cf7bdab35f86408a79d707
- https://github.com/cifsd-team/ksmbd/commit/8824b7af409f51f1316e92e9887c2fd48c0b26d6
- https://github.com/cifsd-team/ksmbd/commit/8824b7af409f51f1316e92e9887c2fd48c0b26d6
- https://security.netapp.com/advisory/ntap-20230517-0002/
- https://security.netapp.com/advisory/ntap-20230517-0002/
- https://securityonline.info/cve-2023-0210-flaw-in-linux-kernel-allows-unauthenticated-remote-dos-attacks/
- https://securityonline.info/cve-2023-0210-flaw-in-linux-kernel-allows-unauthenticated-remote-dos-attacks/
- https://www.openwall.com/lists/oss-security/2023/01/04/1
- https://www.openwall.com/lists/oss-security/2023/01/04/1
- https://www.openwall.com/lists/oss-security/2023/01/11/1
- https://www.openwall.com/lists/oss-security/2023/01/11/1
Modified: 2024-11-21
CVE-2023-26544
In the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size.
- https://bugzilla.suse.com/show_bug.cgi?id=1208697
- https://bugzilla.suse.com/show_bug.cgi?id=1208697
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=887bfc546097fbe8071dac13b2fef73b77920899
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=887bfc546097fbe8071dac13b2fef73b77920899
- https://lkml.org/lkml/2023/2/20/128
- https://lkml.org/lkml/2023/2/20/128
- https://security.netapp.com/advisory/ntap-20230316-0010/
- https://security.netapp.com/advisory/ntap-20230316-0010/
Closed bugs
Проблемы с запуском на asus c201p